Malicious spam campaign capitalizes the global interest in the Zika virus

Pierluigi Paganini February 20, 2016

The cybercrime ecosystem is getting ready to exploit the media attention on the Zika virus infections for illegal activities. Be careful!

What is the relationship between the Zika virus and a malware? It’s just a matter of opportunity, the cyber crime ecosystem is getting ready to exploit the media attention on current issues for illegal activities. The Zika virus is a Public Health Emergency, as announced on February 1, 2016, by the World Health Organization (WHO).  Zika seems to be responsible for birth defects, the population in the Americas were first victims of the virus.

Security experts at Symantec have spotted a malicious spam campaign seeking to exploit the interest in the event.

“Newsworthy events on a regional or global level often provide fertile ground for cybercriminals seeking to capitalize on the interest in these events. In this case, the Zika virus’ impact in countries like Brazil is being leveraged, while the potential impact in other countries make it a prime candidate for more malicious spam.” states a blog post published by Symantec.

Most cases of the Zika virus were reported in Brazil, the same country where cyber security experts have spotted the malicious spam campaign.

zika virus spam email

The campaign that targeted Brazilians relies on malicious spam email that present to be sent by the Saúde Curiosa (Curious Health), a Brazilian health web portal.

The messages used the following subject:

“ZIKA VIRUS! ISSO MESMO, MATANDO COM ÁGUA!” which translates to: “Zika Virus! That’s Right, killing it with water!”

The text of the message includes buttons and attachments displaying the message “Eliminating Mosquito! Click Here!” and “Instructions To Follow! Download!” as well as a file attachment.

The button redirect victims to the file hosting service Dropbox where experts discovered the same file attached to the spam emails (JS.Downloader) used by crooks to download additional malware onto the infected machine.

Symantec provided the following suggestion to limit the exposure to this specific hacking campaign:

  • For information about the Zika virus, visit the World Health Organization’s website
  • Always look for trusted news sources, regionally and globally, for additional information
  • Avoid clicking on links or opening attachments in unsolicited email messages
  • Run security software on your computer and ensure that it is up to date

Pierluigi Paganini

(Security Affairs – Zika virus, spam campaign)

you might also like

leave a comment